Detailed explanation of TCP data segment format + UDP data segment format

TCP Message Format

TCP (Transmission Control Protocol) is a connection-oriented, reliable, byte stream-based transport layer communication protocol.

The header of a TCP segment has 10 required fields and 1 optional field. The header is at least 20 bytes. The data following the header is optional.

1. Source port (16 bits)

Identifies the computer port or process that sends the message. A TCP segment must include the source port number so that the destination host knows where to send the confirmation message.

2. Destination port (16 bits)

Identifies the port or process of the destination host that receives the message.

3. Serial number (also called serial number) (32 bits)

Used to identify each segment so that the destination host can confirm that it has received the data in the specified segment. When the source host uses multiple segments to send a message, even if these messages arrive at the destination host in a different order, the sequence number allows the destination host to arrange them in order.

When the SYN flag is not set, this field indicates the sequence number of the first byte in the user data area; when the SYN flag is set, this field indicates the sequence number of the initial transmission.

In the first segment sent when establishing a connection, both parties provide an initial sequence number. The TCP standard recommends using a counter value that increments by 1 at 4ms intervals as the value of this initial sequence number. Using a counter can prevent the same sequence number from appearing when the connection is closed and then reconnected.

For segments that contain data, the number of the first data bytes in the segment is the initial sequence number, and subsequent data bytes are numbered sequentially. If the source host sends another segment using the same connection, the sequence number of this segment is equal to the sum of the sequence number of the previous segment and the number of data bytes in the previous segment. For example, suppose the source host sends 3 segments, each with 100 bytes of data, and the sequence number of the first segment is 1000, then the sequence number of the second segment is 1100 (1000 + 100), and the sequence number of the third segment is 1200 (1100 + 100).

If the sequence number increases to the maximum value, it will be reset to 0.

4. Confirmation number (32 bits)

The destination host returns a confirmation number to let the source host know that one or more segments have been received. If the ACK control bit is set to 1, this field is valid. The confirmation number is equal to the sequence number of the last segment received in sequence plus 1, which is also the sequence number value of the segment that the destination host hopes to receive next time. After returning the confirmation number, the computer believes that it has received all data less than the confirmation number.

For example, the sequence number is equal to the sum of the sequence number of the previous segment and the number of data bytes in the previous segment. For example, suppose the source host sends 3 segments, each with 100 bytes of data, and the sequence number of the first segment is 1000. After receiving the first segment, the destination host returns a header with an acknowledgment number of 1100. After receiving the second segment (with a sequence number of 1100), the destination host returns an acknowledgment number of 1200. After receiving the third segment, the destination host returns an acknowledgment number of 1300.

The destination host does not necessarily return an acknowledgment number after each received segment. In the above example, the destination host may wait until all three segments are received before returning a segment with an acknowledgment number of 1300, indicating that all 1200 bytes of data have been received. However, if the destination host waits too long before sending back an acknowledgment number, the source host will think that the data has not reached the destination host and will automatically resend it.

In the above example, if the destination host receives the first segment with segment number 1000 and the last segment with segment number 1200, it can return acknowledgment number 1100, but before returning acknowledgment number 1300, it should wait for the intermediate segment with segment number 1100.

5. Data offset (header length) (4 bits)

How far is the data start of the TCP segment from the start of the TCP segment, that is, the header length. Since the length of the TCP header varies with the content of the TCP option field, the header contains a field that specifies the header field. This field is in units of 32 bits, so the header length must be an integer multiple of 32 bits, and sometimes it is necessary to add 0 at the end of the header. If the header does not have a TCP option field, the header length value is 5, which means that the header has 160 bits, or 20 bytes.

6. Reserved bits (6 bits)

Consists of 6 bits following the data offset field, all of which are 0.

7. Control bit (6 bits)

Urgent URG: This position is 1, indicating that the urgent pointer field is valid. It tells the system that there is urgent data in this message segment and it should be transmitted as soon as possible.

Confirmation ACK: The confirmation number field is valid only when ACK = 1. TCP stipulates that after the connection is established, all transmitted segments must set ACK to 1.

Push PSH: When two application processes communicate interactively, sometimes the application process at one end hopes to receive a response from the other party immediately after typing a command. In this case, TCP can use the push operation. At this time, the sender TCP sets PSH to 1 and immediately creates a segment to send out. When the receiver receives the segment with PSH = 1, it delivers it to the receiving application process as soon as possible (i.e. "pushes" forward), instead of waiting until the entire buffer is filled before delivering it upward.

Reset RST: used to reset the corresponding TCP connection

Synchronous SYN: It is only valid when the TCP connection is established through three-way handshake. When SYN = 1 and ACK = 0, it indicates that this is a connection request message segment. If the other party agrees to establish a connection, SYN = 1 and ACK = 1 should be used in the corresponding message segment. Therefore, SYN set to 1 indicates that this is a connection request or connection acceptance message.

Termination FIN: used to release a connection. When FIN = 1, it indicates that the sender of this message segment has sent all the data and requires the transport connection to be released.

8. Window (16-bit)

This field is used for flow control. This value is the number of bytes that the local machine expects to receive at one time, that is, the window size for sending data. It tells the other party how much data can be sent without waiting for confirmation. The maximum length here is 2^16 - 1 = 65535. If you need to use a larger window size, you need to use the window expansion factor option in the options.

Refers to the receiving window of the party sending this message segment (not its own sending window).

9. Checksum (16 bits)

The source host and the destination host calculate the checksum based on the contents of the TCP segment and the pseudo header. The pseudo header contains information from the IP header and the TCP segment length. Like UDP, the pseudo header is not transmitted on the network, and the purpose of including the pseudo header in the checksum is to prevent the destination host from mistakenly receiving an erroneous datagram that has a route.

Pseudo Header: refers to the extended header structure consisting of 12 bytes of source IP address, destination IP address, protocol field of IP packet, total length of TCP or UDP datagram, etc. added to the front of the datagram header in TCP segmentation or UDP datagram format. This pseudo header is a temporary structure that is neither passed up nor down, but only to ensure the correctness of the socket can be verified.

10. Urgent pointer (16 bits)

It is only meaningful when URG = 1. It indicates the number of bytes of urgent data in this message segment (normal data comes after the urgent data), that is, it indicates the position of the end of the urgent data in the message. Note: urgent data can be sent even when the window is zero.

If URG is 1, the urgent pointer marks the end of the urgent data. Its value is the sequence number of the first byte of the urgent data, which represents the offset of the segment sequence number. For example, if the sequence number of the segment is 1000 and the first 8 bytes are urgent data, then the urgent pointer is 8. The general purpose of the urgent pointer is to allow the user to terminate the process.

11. Options, fill fields

It may include options such as "window expansion factor" and "timestamp". The length is variable and can be up to 40 bytes. When no options are used, the TCP header length is 20 bytes.

Padding is used to ensure that any option is an integer multiple of 32 bits.

12. Data (variable length)

The part after the end of the TCP header

UDP message format

UDP is the abbreviation of User Datagram Protocol. Its Chinese name is User Datagram Protocol. It is a connectionless transport layer protocol that provides simple, transaction-oriented, unreliable information transmission services.

1) Source port (2 bytes): sender port number

2) Destination port (2 bytes): receiving port number

3) Message length (2 bytes): The total length of the UDP user datagram, in bytes.

4) Checksum (2 bytes): Checks whether the UDP user datagram has errors during transmission and discards it if there are any errors.

Used to verify the number field of the UDP datagram and the "pseudo header" containing the UDP datagram header.

Pseudo Header: refers to the extended header structure consisting of 12 bytes of source IP address, destination IP address, protocol field of IP packet, total length of TCP or UDP datagram, etc. added to the front of the datagram header in TCP segmentation or UDP datagram format. This pseudo header is a temporary structure that is neither passed up nor down, but only to ensure the correctness of the socket can be verified.

5) Data: If the data part of UDP is not an even number, it needs to be padded with 0. That is, if the data length is an odd number, the data length is increased by "1".